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(54) Title: BIOMETRIC IDENTIFICATION SYSTEM FOR PROVIDING SECURE ACCESS 
(57) Abstract 

A portable device is disclosed for receiving biometric 
information and for providing a signal in dependence thereon 
to a remote receiver. The device comprises a biometric sensor 
for imaging fingerprints, a processor for encoding the input 
biometric information, an infrared transmitter for transmitting 
the encoded biometric information to a receiver, and a power 
source. The device can be implemented in a watch, key chain, 
ID badge or a credit card. 
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BIOMETRIC IDENTTHCATfON SYSTEM FOR PROVIDING SECURE ACCESS 

Field of the Invention 

This invention relates generally to personal identification systems and more 
particularly relates to a biometric security identification system (BSIS). 

5 

Background of the Invention 

Biometric security identification systems, such as fingerprint scanning and input 
devices are becoming more commonplace as the need to validate authorized users of 
computers, databases, and secure spaces grows. As computers become more miniaturized* so 
10 too are other communication and security devices decreasing in size. One of the more 
important reasons, however, to miniaturize electronic devices is to lessen the burden of 
porting them. 

The use of security systems is generally well known. Their use is increasing with 
15 greater availability of digital electronic components at a relatively low cost. Such systems are 
known for securing buildings, banks, automobiles, computers and many other devices. For 
example, U.S. Pat. No. 4, 95 1 , 249 discloses a computer security system which protects 
computer software from unauthorized access by requiring the user to supply a name and a 
password during the operating system loading procedure ("booi-up") of a personal computer 
20 (PC). This is accomplished by the insertion of a special card mto an input/output expansion 
slot of the PC. During the loading of the operating system of the PC, the basic input/output 
system (BIOS) scans memory addresses of the card for an identification code, consisting of a 
55AA hex code. When this hex code is located, the BIOS instructions are vectored to the 
address where the target hex code resides and instructions at the following addresses are 
25 executed as part of the initialization routines of the system boot-up procedure. 

This PC security system, utilizing password protection, is typical of many systems 
that are currently available. Password protection requires a user's name and a password 
associated with that user's name. Only once an associated password is detected for a valid 
30 user's name does the PC complete the boot-up routine. Though passwords may be useful in 
some instances, they are inadequate in many respects. For example, an unauthorized skilled 

1 
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user with a correct password in hand, can gain entry to such a processor based system. Yet 
another undesirable feature of the foregoing system is that passwords on occasion are 
forgotten; and forthermore, and more importantly, passwords have been known to be 
decrypted. 

5 

As of late one of the most ubiquitous electronic components is the digital processor. 
Multi-purpose and dedicated processors of various types control devices ranging from bank 
machines, to cash registers and automobiles. With ever increasing use of these processor 
based devices, there is greater concern that unauthorized use will become more prevalent. 
10 Thus, the verification and/or authentication of authorized users of processor based systems is 
a burgeoning industry. 

Alarms and security systems to warn of imauthorized use of automobiles and other 
processor controlled systems are available, however, these security systems have been known 

15 to be circumvented. Unfortunately, many commercially available solutions aimed at 

preventing theft or unauthorized use of automobiles have also been circumvented. As of late, 
initiatives have been underway in the security industry, to provide biometric input devices to 
validate users of electronic and other systems, that are to have restricted access. One 
limitation associated with many typical commercially available biometric systems is the large 

20 physical size of the imaging devices. Concern with placing a biometric input device in an 
location that is accessible to the public is the risk of the input device being vandalized. 

In the field of digital and analog communications, wireless devices are becoming 
more commonplace. Inexpensive computer systems are currently commercially available 
25 wherein printers communicate with computers which in turn communicate with other 
computers via infra red transmitters and receivers. Other devices, using other optical 
communication systems, such as data transmitting/receiving wrist watches are now available 
in department stores at substantially affordable prices; these wrist watches include processors 
and software for communication with a computer and for downloading and uploading small 
30 amounts of data as required. 
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Object of the Invention 

It is an object of this invention to provide a portable biometric input device for 
sensing input biometric data, and transmitting the data to a receiver. 
5 Summary of the Invention 

In a first broad embodiment the invention seeks to provide a portable biometric input 
device comprising: biometric sensing means for sensing biometric input information, 
generating biometric data therefrom, and providing the biometric data in relation to the 
10 sensed biometric input information; transmission means for receiving at least an aspect of the 
biometric data and for transmitting a signal in dependence upon the at least an aspect of the 
biometric data; and a battery for providing power to the device. 

In an embodiment, the transmission means is a wireless transmission means for 
15 transmitting a signal in dependence upon the at least an aspect of the biometric data. 

In an embodiment, the transmission means comprises a biometric data encoder and an 
infrared transmitter for transmitting a signal in dependence upon the at least an aspect of the 
biometric data. 

20 

In an embodiment, the device further comprises storage means for storing data related 
to said biometric data. 

In an embodiment, the device further comprises processor means for processing the 
25 biometric data. 

In an embodiment, the processor means is for comparing the biometric data with 
previously stored biometric data to provide comparison results; and the signal in dependence 
upon at least an aspect of the biometric data comprises a signal in dependence upon the 
30 comparison results. 
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ta an embodiment device Itother comprises means to receive a password ^ 
„he.,n.he«ssio„m«nsisfor,nnsmi«ingasignM independence uponatleastan 

aspect of the biomelric data and tlie password. 

to an embodiment, the device fbnher comprises means to r«»iv. a password ^ 
^.he processor means is for comparing .he biometricdauwithpronomly stored 
bi^^tric data and .he passv^rdandapreviousi, stored password to provide compartson 
^,s;a„d,he signal indep^tdenceup^n a. ieastanaspecofthebiom^ricdatncomptseaa 

signal in dependence upon the comparison results. 

m an embodiment, the device further comprises means for encrypting at least an 
aspect the biometricdata; and the transmissionmeansis for receiving the encrypted dataand 

for transmittingasignal independence uponthe at least an aspect of theencryptedda.^ 

in an embodiment, the means for encrypting the biometric data comprise 
public/private key encryption means. 

Alternatively, the means for encrypting the biometric data comprise session key 
encryption means. 

m an embodiment, the biometric input means is a fingerprint imaging device. 

m an embodiment, the device further comprises a housing in the form of a watch 
casement and a watch face. 

In an embodiment, the biometric input means comprises associated electronic 
circuitry and conductive pads disposed on the watch face. 

In a further broad embodiment, the invention seeks to provide a portable biomenric 
30 i„putsensorcomprising:ananayofsenseelementsspacedapartandcomprisingasensmg 
electrode for sensingbiometric input; drivemeanscoupled to at least some of the sense 
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elements for controlling and addressing each of the at least some sense elements according to 
a predetermined sequence, for receiving a signal in dependence upon the biometric input, and 
for providing biometric data in dependence upon the sensed biometric input; processor means 
for processing biometric data; and, wireless transmission means for transmitting to a receiver 
a signal that corresponds to at least an aspect of the biometric data. 

In an embodiment, the device further comprises means for encrypting the biometric 
data further comprising means for encrypting at least an aspect the biometric data; and the 
transmission means is for receiving the encrypted data and for transmitting a signal in 
dependence upon the at least an aspect of the encrypted data. 

In an embodiment, the means for encrypting the biometric data comprise ' 
public/private key encryption means. 

In an embodiment, the means for encrypting the biometric data comprise session key 
encryption means.. 

In another broad embodiment the invention seeks to provide a biometric security 
identification system comprising: a portable transmitting module comprising a biometric 
sensing means, means for encoding biometric data and wireless transmission means for 
transmitting the encoded biometric data as an encoded signal; and a receiving module 
comprising means for receiving the encoded signal, means for extracting the encoded 
biometric data* and means for comparing the encoded biomeuic data with predetermined 
reference values, and means for authorizing access to a host system. 

In an embodiment, the biometric sensing means comprises a fingerprint scanner. 

In an embodiment, the device further comprises means for encrypting the biometric 
data further comprising means for encrypting at least an aspect the biometric data; the 
transmission means is for receiving the encrypted data and for transmitting a signal in 
dependence upon the at least an aspect of the encrypted data; and the means for extracting the 
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bioraetric data. 
5 pubUc/private key encryption means, 
encryption means. 

corresponds to at least an aspect of the sensca 
^.«™peH„.—. Providian ani.pu,s«»o,«s«ve...>^^- 

" ^^^^ 

the validation process, to validate both the sensor and the user, 
the attached drawings in which: 
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Fig. 1 is a block diagram of the biometric security identification system (BSIS) 
according to the invention; 

Fig. 2 is a simplified diagram of a sensing device for use with the present invention 
5 showing an anray of sensing elements together with associated addressing circuitry; 

Fig. 3 is a simplified diagram of a sensing element for use with the present invention; 

Fig. 4 is a schematic diagram of an amplifier circuit for use with the present invention; 

Fig. 5a is a digital watch according to the present invention; 

Fig. 5b is an analogue watch according to the invention; 

Fig- 6 is a block diagram of the transmitting module of Fig. 1 ; 

Fig. 7 shows a block diagram of the receiving module of Fig. 1 ; 

Fig. 8 is a flowchart for illustrating a mode of operation of an embodiment of a BSIS 
according to the present invention; 

Fig. 9 is a flowchart for illustrating a mode of operation of an embodiment of a BSIS 
1 5 according to the present invention ; 

Fig. 1 0 is a flowchart for illustrating a mode of operation of an embodiment of a BSIS 
according to the present invention further comprising bi-directional communication; 

Fig. 11 is a flowchart for illustrating a mode of operation of an embodiment of a BSIS 
using bi-directional communication and a time out according to the present invention; 
20 Fig. 1 2 is a biometric credit card according to the present invention; 

Fig. 13 is a device according to the present invention incorporated into a keychain and 
using infrared wireless conununication; and 

Fig. 14 is a device according to the present invention incorporated into a keychain and 
using RF wireless communication. 

25 

Detailed Description 

Fig. 1 illustrates the block diagram of a biometric security identification system 
(BSIS) according to the invention. The system comprises a transmitting module 10 and a 
receiving module 20 connected over a transmission channel in the form of a wireless 
30 transmission channel. The transmitting module 10 measures a biometric characteristic of a 
person requesting access to a protected host system and converts the biometric characteristic 

7 
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r unn (m code The transmitter moduJe is adapted to be carried or 
intoabiometric.der.t,ficatm(lD)code.Th . . ^ , ^st >vatch, a badge, a 

,om by the user.and therefore car^ take ar^ysmtable form, suchasa 

wallet, etc. 

5 Theb,om«nc ,„ 4k protected host sys«m « 

„f«„id«,t,f,c«ionp™«s.U,.h.«ay^acc« ^ ^^^^^^^^^ ^^^^ 

10 varying code. Selected passwords can be unique torn 



the user. 



lJp™v,d..»it.aflngctpH™™ae,«.a«cHbe.in.<«de.^.lW»». 

„ sys.em.The.ransni.ss.on.spreferab.ym . ' 1» and 

,iom.*B.b».anyo*.r.ypeotco™— '^"-^ 

■ • ™«l,Je20maybemed.Preferab\yw.reless<»nmura.at.onmeans 

ai«.,^byse.ec.eddesignparame.rs,s.chas*ed.s.».^be^^^^^^^ 
„ „;,edsbon.dn.nindze*e.iskofin«.cepU„nandreeord.n,ofab.ome.no,D. 

Mreceivi«gn»d*2.>=bio»»»i=ffii-on.pa.ed.oar=fcrenceropre.s»«^^^ 

J!TJcLbion«.Hon.(n^)»«c^-^"'°"^7:°*' 

a memory. II tnc currcui ui an ATM banking 

. *u • The host system could be a computer system, an A i m o & 



8 



wo 98/12670 



PCT/CA97/006e3 



access. In an alternative embodiment, the biometric ID is compared in the transmitting 
module 10 and an access code is sent to the receiving module 20 for comparison. 

Referring to Fig. 2. part of a sensing device for use in an embodiment of the present 
invention and implemented on a semiconductor chip is shown comprising a single active 
matrix addressed sensing pad 119 having an X-Y array of sense elements consisting of r rows 
(1 to r) with c sensing elements 1 17 in each row. In practice there may be about 300 rows and 
200 columns of regularly-spaced elements occupying an area of approximately 2 cm x 3 cm. 
This area is for accepting a fingertip for scanning. Should such a sensing pad 119 be made 
larger, it could be used for scanning other items such as a palm of a hand. 

Sensor elements 117 arc disposed in such a fashion that they are capable of 
distinguishing the smallest desired feature of a fingerprint. Preferably, the placement and 
spacing of the sensor elements allow an image of a fingerprint, once scanned, to contain all 
required features for analysis. The sensing element 117 is smaller than half the smallest 
sensible feature size allowing a suitable image to be generated. Empirical studies reveal that a 
square plate of about 50 ^m edge length is suitable for fingerprint sensing. Although the 
apparatus is described with reference to an amy of sensing elements 117 having substantially 
square shape, it is possible to use different configurations of sensing elements 117 such as 
concentric circles or a spiral and different shapes such as triangles, circles, or rectangles. 

The array of sensing elements 117 is connected through an analog switch matrix to 
facilitate reading the fingerprint image out of the sensing array 119. Timing and sequencing 
logic 116 selects each element in the array in turn to produce a complete image of a 
fingerprint presented to the device. The signal may be output directly as an analog signal or 
may be converted to a digital signal prior to output from the device. 

The sensing pad 119 further comprises a ground ring 115 and bonding pads 118 
designed for connection to other components or to packaging. The ground ring 115 also 
serves to provide a common ground for the sensing pad. Accordingly, it is important that the 
ground ring 115 and integrated circuit elements be designed so as to minimize noise to each 
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sensing element 117. The signal to noise ratio ttat is acceptable will vary bet«een 
applications and should be adjusted «. m=« .he „e«ls of a specific design. When possible, 
packaging should be selected to limit noise. 

5 Referring to Fig. 3. a single sensing plate 120 is shown. Such a sensing plate 120 is 

designedtobeused in arrays and preferably is smdlerthanhalfthe smallest sensible feature 

si« as indicated above. Charge sensing electrode 121 is connected to an active element which 

is shown as a three terminal switching device in the form of a field effect transistor (FET) 
havingasource.adrain,andagate 126. The gate 126 is connected to the sensing elecuode 

,0 121 by an interconnect 124. Disposed between the gate 126 and the transistor 130 is a gate 
oxide 127. Such transistor configuration is known in the art. 



20 



25 



30 



Above the charge sensing electrode 121 is disposed an overglass 122 which serves to 
p^tectthechargesensingelectrode 121 and to space the electrode andafingertip presented 
thereto Belowthe charge sensingelectrode 121 isdisposedafield oxide 125.Afinger placed 

against the overglass 122 induces charge in the charge sensing electrode 121. By amphfymg 
the charges induced by a fingertip on the charge sensing electrode 121 with an amplifier 
circuit such as is shown in Fig. 4.the induced chargescan be rendered easily distingui^^^^^ 

Referring to Fig. 4, a sensing pad 120 is electrically grounded. A second side is 
connected through electrostatic discharge protection 131 in the form of resistors and diodes. 
A filter circuit 132 and 133 improves circuit operation. Transistors 134. 135, 136, and 137 
provide amplification of induced voltages allowing a signal at an output of transistor 136 to 
be d^tized by a low cost A/D converter. 

Assuming that the charge density on the fmgertip is substantially even, induced 
charges on the charge sensing electrode 121 will depend solely on the distance between the 
charge sensing electrode 121 and the skin of the fingertip inducing the charge. Further, as the 
induced charge falls off with the distance, the closest skinofthe fingertip will inducealarger 

proportion of the charge. TTie sensor is employed in the above feshion to image fingertips. 
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Referring to Fig. 5a, a watch is shown comprising (in part) the present invention. The 
watch 50 is secured in place on a person's wrist for example by way of a strap 51. Alternative 
methods such as a chain as is common in pocket watches, a pouch (not shown), velcro, a pin, 
or means for securing the watch to a sporting apparatus may also be used. A time display 

5 means 52 in the form of an LCD display, an LED display, an analogue time display, a voice 
generated time, or a Braille time display is disposed upon the watch 50 in a conventional 
manner. Preferably, the time display means 52 is offset to allow for sufficient contiguous 
surface area for a biometric sensor 53. Alternatively, the biometric sensor 53 is designed to be 
superimposed upon the time display means 52 and not interfere therewith as shown in Fig. 

10 5b. An emitter port in the form of an infra red emitter port 55 is located on the watch 50 such 
that light emitted jfrom the infra red port 55 is directed toward a sensor (not shown) in use. In 
Fig. 5a and Fig. 5b, the infra red emitter port 55 is located on the top of the watch above the 
face and pointing substantially coplanar to the watch face. In this orientation, an emitted 
signal is directed away from the body of a user and forward during normal use. 

15 

The biometric sensor means 53 is of the form described above and shown in Figs. 2, 
3, and 4. Alternatively, the biometric sensor means 53 is a capacitive fingerprint scanner 
requiring pre-charging as are well known in the art. Further alternatively, the biometric 
sensing means 53 is an optical biometric scanning device in the form of a retinal scanner, an 
20 optical fu^erprint scanner, an optical palm scanner, or any other suitable (and portable) 
biometric sensing device. 

Referring to Fig. 5b, an analogue watch ISO is shown. Analogue watches of this type 
are well known and are in common use. On to the face of the analogue watch ISO are 

25 deposited a plurality of metal pads 155 and associated circuitry 156. The pads 155 and the 
associated circuitry 156 act as sensors and addressing circuitry and combine to form the sense 
electrode for a biometric input device. The analogue watch 150 is designed to be easily read 
in the presence of the pads 155 and the associated circuitry 156. This is accomplished by 
ensuring that a short hand on the watch 150 is long enough to be partially visible at each 

30 outside edge of the metal pads 150 in each possible orientation. Alternatively, this is 

accomplished by designing the hands of the watch to be visible through or between the pads 

11 
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150. Further alternatively, this is accomplished by designing the pads 150 such that 
information on positions of the watch hands is transmitted through or by the metal pads 150. 
Further alternatively, this is accomplished by designing the watch face with an offset 
analogue time indication providing sufficient space for the pads 150 as is shown in Fig. 5a. 

5 

The associated circuitry 156 is coupled to driver and sensing circuitry for reading the 
electrode in the form of metal pads 155 and for determining the presence of a fingerprint or 
other biometric input. The analogue watch 150 also comprises an infra red emitter port 55. 

10 Alternatively in Fig. 5a and Fig. 5b, the infra red emitter port 55 comprises a 

transceiver capable of transmitting and receiving information in the form of infra red signals. 
An emitter is sufficient for carrying out the invention but a transceiver adds additional 
fimctionality. A watch, such as those shown in Figs. 5a and 5b can accept information to 
fiirther enhance security of the invention during use. Further, a transceiver is useful in 
15 programming the device for password access or for new authorized users. Further, a 

transceiver is useful in storing a time log of accesses and providing same to a computer at 
intervals. 

Alternatively, the emitter 55 is a wireless emitter other than infrared. Further 
20 alternatively, the emitter 55 is in the form of a coupling device for coupling to the receiving 
module 20 and sending a signal thereto via a non-wireless electrical connection. 
Alternatively, the transceiver 55 is a wireless transceiver other than infrared. Further 
alteniatively, the transceiver 55 is in the form of a coupling device for coupling to the 
receiving module 20 and sending a signal thereto or receiving a signal therefrom via a non- 
2S wireless electrical connection. 

Fig. 6 shows a block diagram of the transmitting module 10 of the BSIS. The module 
10 comprises a power source in the form of a battery 5. The battery provides power to 
electronic circuits within the transmitting module 10. A reader 11 comprises a transducer, or 
30 sensor 15, 16, 17, and a drive circuit 18. The sensor is in the fonn of a contact imaging device 
for scanning a fingerprint. The contact imaging device may be in the form of Figs. 2. 3, and 4 
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or may be a conventional capacitive contact imaging device. Conventional capacitive contact 
imaging devices use a silicon substrate with an array of capacitive pads, each capacitor being 
associated with a driver. The sensing pads are disposed in close but non-contacting 
relationship. A small gap between adjacent elements ensures that adjacent edges of the 
elements do not wipe against one another when a finger is pressed against the sensing surface. 
The sensing surface is formed by film deposition on the substrate surface. Sensing pads are 
regularly spaced apart equally sized electrodes built by metal deposition on an appropriate 
glass or quartz substrate. Alternatively, the sensing pads are irregular and/or unequally 
spaced. A reader used for the transducer of an embodiment of the present invention is of a 
simplified design, adapted for large scale manufacture. The reader comprises a glass substrate 
IS for supporting a capacitive array 16 and a contact surface (sheet) 17. The array 16 
comprises Indium-Tungsten oxide traces which are overlapped with hard gold. Each 
capacitive element has a sense electrode and a switching device such that, v^hen a finger is 
pressed on the contact surface 17 each sense electrode and the respective overlying portion of 
the finger surface form opposite plates of a capacitor, the finger surface being at ground 
potential The insulating film and air gap, when present, provides the capacitor dielectric. The 
capacitances of these individual capacitors vary as a fiinction of the spacing between the 
finger and the contact surface, with smaller capacitance values occurring where the troughs in 
the finger surface are aligned with a sensor than where ridges are so aligned. 

Drive circuit 19 is, preferably, not disposed on the substrate as in conventional 
sensors. It is preferably coupled to switching devices for controlling and addressing each 
capacitive pad according to a mapping sequence whereby a predetermined potential is applied 
to each capacitive pad. When a finger is placed on sheet 17 charges are induced in array 16. 
Charge is induced in each capacitor in an uneven manner in dependence upon ridges and 
troughs in the fingertip. The sensor reads these induced charges in the form of changes in 
capacitance or capacitive charge and transforms them into a bitmap particular to the 
fingerprint or a group of fingerprints. 

Alternatively, the array of capacitive plates 17 is applied to a plastic film using metal- 
film processing or photographic image processing techniques. The plastic film is then applied 
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to any surface, such as a wallet, a key chain, a pen knife, a personal digital assistant, a 
transportable computer or a watch. Drive circuit 19 is then attached to the array of capacitive 
pads using conductive epoxy adhesives. or an anisotropic adhesive process. This allows for 
an inexpensive sensor substrate which can be produced on a large scale using conventional 
5 LCD techniques. 

The bitmap collected from the capacitive array is then input to processing unit 12 
which encodes the bitmap containing the fingerprint infonnation and generates a biometric 
ID. In one embodiment, processor 12 is an 8-bit microprocessor, such as Intel 8051. 
10 Processor 12 may include a standard encryption module which applies an encryption 
algorithm for generating an encoded biometric ID. 

An infrared transmitter 19 receives the biometric ID, modulates an infrared carrier 
with this informaUon and then transmits an authorization request signal to receiving module 
20. 

IS 

A keypad 13 and a display 14 are preferably provided at the transmitting module 10. 
Keypad 13 is used for providing fiirther data or functionality in the form of ON/OFF 
functionality and a password. In the embodiment comprising a watch, display means 14 
includes time information. 

20 

Receiving module 20 is shown in Fig. 7. Receiving module 20 is provided with 
appropriate transducer means 21 for receiving the authorization request signal and converting 
it into an electrical signal. Transducer 21 may be for example an IrDA diode. The transducer 
is controlled by a control Unit 25 in dependence upon the current operating mode as 
25 determined by a mode selector 26. Modes of operation for the device are discussed below. 
The converted electrical signal is applied to decoder 22 where the biometric ID is extracted in 
the conventional mode. The recovered biometric IDC and a reference IDREF are applied to a 
comparator 23. The reference ID is obtained from a memory 24, where it has been previously 
stored, using any of die conventional metiiods. If a password is also included in die received 
30 signal together witii the biometric IDC. the password is extracted by decoder 22 in addition to 
the biometric IDC, and compared witii a reference password in comparator 23. When the 
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result of the comparison indicates that the biomelric IDC and the password are acceptable, 
access to the host system is permitted. 

The receiving module 20 is initially configured in an ENROLL mode for obtaining 
5 and for storing one or more reference biometric samples. Enrolling software is normally 
inaccessible after the first use, or in a muhi-user system, re-entering the enroll mode is 
accomplished through a fimction key and is limited to an authorized person or authorized 
persons. After enrollment is completed, the module enters its NORMAL mode. 

10 The flow chart of Fig. 8 shows the operation of an embodiment of the invention. In 

step 30, the biometric data is read at the transmission module 10 with reader 11. As indicated 
above, in a preferred embodiment, reader 11 collects data indicative of the image of a 
fingerprint. Next, the biometric data is encoded in processing means 12, in step 31. 
Transmitter 16 broadcasts the biometric data, as illustrated in step 32. Next, in step 33. 

1 5 receiving module 20 receives the biometric data and decodes the biometric ID therefrom, and 
checks the mode indicator in step 34. When the receiving module is in the ^'enrolF' mode, the 
biometric ID is stored in memory 24 in step 35, and the receiving module is switched to the 
""access" mode of operation in step 36. 

20 When the receiving module 20 is in the "access" mode, the received biometric ID is 

compared with the reference biometric ID in step 37. If the received signal comprises also a 
password, receiving module 20 separates the password from the biometric ID, and 
additionally compares the password against a reference password in step 38. Finally, access to 
the host system is authorized or not, depending on the result of the comparison(s), as shown 

25 in steps 39 and 40 respectively. 

Alternatively, the transmitting module 1 0 is provided with a a change password 
initiator in the form of a key or a button allowing a user of the transmitting module 10 to 
enter a mode to alter their password. In this embodiment, an initial arbitrary password (such 
30 as none or "password*') is set. Entering the mode to alter the password requires user 

verification of the existing password, user entry of a new password and user verification of 
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electronic storage means is in the form of RAM. Ahematively, the electronic storage means 
comprises magnetic storage means, optical storage means, mechanical storage means, or 
other suitable low power storage means. The decoded information is arudyzed to determine 
whether the information corresponds to an authorized user of the host system. When an 
5 authorized user is detected through a comparison, an access code is stored in a buffer. When 
the biometric information does not correspond to an authorized user, an error code is stored in 
the buffer. In response to a request from an exiemal system for the code stored within the 
buffer, either the error code or the authorization code (whichever was last stored) is provided. 
The external system responds to the code in a predetermined fashion. 

10 

Referring to Fig. 1 K a flow chart for an embodiment similar to that of Fig. 1 0 is 
shown. The flow chart of Fig. 1 1 shows only the lower portion of the flow chart - those parts 
associated with bi-directional communication. A time-out is introduced upon storage of a 
code. When a request is not presented within a predetenmined time, the buffer is erased and 

1 5 the method returns to a start. This prevents use of a device, embodying a method according to 
this invention, when found or taken by clearing any data.related to the biometric input from 
the buffer. Second, a request from an external system comprises a further code parameter. 
The code parameter may be in the form of an encryption key, an access category, a device 
number, etc. According to the flow chart, a default code is provided to the external system 

20 when the received code parameter is unknown. When the code parameter is known, an access 
code in dependence upon the code parameter is provided to the external system. The method 
then returns to a start. 

Referring to Fig. 12, a credit card biometric input device is shown. The device 
25 comprises a substantially flat substrate 209. A biometric input means 210 in the form of a 
finger print detector is disposed on the substrate as is a battery 211, an edge connector 212, 
actuating means 214 in the form of card edges, and electronic circuitry 215. The circuitry 
comprises electronic storage and processing means for verifying biometric input and 
providing an access code. The processor means is also for accepting a parameter code from an 
30 external system and encrypting the access code before transmitting same. In use, a user of 
such a device places their finger tip onto the biometric input means 210. Their fingerprint is 
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In a further embodiment the transmitting module 10 and the receiving module 20 are 
programmed via a communication port using a computer. The communication port is 
preferably bi-directional. Preferably, the conununication port is the transceiver in the 
transmitting module 10 and the transducer in the receiving module 20. 

A device according to the present invention may be used to provide secure access to 
computers, computer networks, buildings, safes, houses, portable electronic locks, 
automobiles, banking services in the form of automatic teller machines, electronic commerce, 
household cabinets for rendering them child safe, television services, pay per view television 
services, electrical appliance, garages, hotel rooms, educational facilities, health club 
facilities, etc. The device is useful where passwords, magnetic strips, physical key and lock 
mechanisms, electronic locks, ID cards and other secure forms of identification are used. 

In a further embodiment and according to a method according to the present 
invention, the transmitter is an audio transmitter capable of transmitting tones in dependence 
upon the biometric data. One form of the tones is a series of telephone tones indicative of the 
identity of an individual and capable of being understood by a telephone system. A further 
form of tones are similar to those of a computer modem or fax machine, devices sending 
digital data across analogue telephone lines. 

In order to improve the security of embodiments of this invention, it is possible to 
employ encryption technology. The encryption technologies are generally known and include 
public/private key encryption, session key encryption, and other encryption schemes for 
secure data transmission. In private/public key encryption, a receiver sends a public key to a 
device according to the present invention and transmissions from the device to the receiver 
are encrypted using the public key. Only the receiver, having the private key, can decrypt the 
transmission. A group of public keys can be used or public keys can vary regularly in order to 
prevent interception and replay of a transmission. 

In session key encryption an encryption key is selected for a particular session based on a 
predetenuined algorithm or some other method. The key is used for the session and then 
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Claims 

What we claim is: 

S 1 . A portable biometric input device comprising: 

biometric sensing means for sensing biometric input information, generating biometric data 
therefrom, and providing the biometric data in relation to the sensed biometric input 
information; 

transmission means for receiving at least an aspect of the biometric data and for transmitting 
10 a signal in dependence upon the at least an aspect of the biometric data; and 
a battery for providing power to the device. 

2. A portable biometric input device as defined in claim 1 wherein the transmission means is 
a wireless transmission means for transmitting a signal in dependence upon the at least an 

15 aspect of the biometric data. 

3. A portable biometric input device as defined in claim 1 wherein the transmission means 
comprises a biometric data encoder and an infrared transmitter for transmitting a signal in 
dependence upon the at least an aspect of the biometric data. 

20 

4. A portable biometric input device as defined in claim 1 further comprising storage means 
for storing data related to said biometric data. 

5. A portable biometric input device as defined in claim 4 further comprising processor 
25 means for processing the biometric data. 

6. A portable biometric input device as defined in claim 5 wherein the processor means is for 
comparing the biometric data with previously stored biometric data to provide comparison 
results; and the signal in dependence upon at least an aspect of the biometric data comprises a 

30 signal in dependence upon the comparison results. 
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7 A portable biometric input device as defined in claim 1 , further comprising means to 
receive a password and wherein the transmission means is for transmitting a signal m 
dependence upon at least an aspect of the biometric data and the password. 

8 Aportable biometric input device as defined inclaim l. further comprising means to 
receiveapasswordand wherein the processormeans is for comparing thebiometric data with 

previously stored biometric data and the password and a previously stored password to 
provide comparison results; and the signal in dependence upon at least an aspect of the 
biometric data comprises a signal independence upon the comparison results. 

9 A portable biometric input device as defined in claim 1 >rther comprising means for 
encrypting at least an aspect the biometric data; and the transmission means is for recewmg 
the encrypted data and for transmitting a signal in dependence upon the at least an aspect of 
the encrypted data. 

10. A portable biometric input device as defined in claim 9 wherein the means for encrypting 
the biometric data comprise public/private key encryption means. 

n . A portable biometric input device as defined in claim 9 wherein the means for encrypting 
the biometric data comprise session key encryption means. 

12. A portable biometric input device as defined in claim 1 wherein the biometric input 
means is a fingerprint imaging device. 

25 B. Aportablebiometricinputdeviceasdefinedinclaim 1 further comprising a housing in 
the fonn of a watch casement and a watch face. 

,4 A pombte bion>«ric input de»ic« as deftaed in claim .3 »herei» U« biometric i-p.. 
compri^s a«oci«ed ctectnmic ci™>it„ ari co,*ctive pads disposed on the »a.cl, 

30 face. 
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15. A portable biometric input sensor comprising: 

a) an array of sense elements spaced apart and comprising a sensing electrode for sensing 
biometric input; 

b) drive means coupled to at least some of the sense elements for controlling and addressing 

5 each of the at least some sense elements according to a predetermined sequence, for receiving 
a signal in dependence upon the biometric input, and for providing biometric data in 
dependence upon the sensed biometric input; 

(c) processor means for processing biometric data; and, 

(d) wireless transmission means for transmitting to a receiver a signal that corresponds to at 
10 least an aspect of the biometric data. 

16. A portable biometric input sensor as defined in claim 15, further comprising means for 
encrypting the biometric data further comprising means for encrypting at least an aspect the 
biometric data; and the transmission means is for receiving the encrypted data and for 

1 5 transmitting a signal in dependence upon the at least an aspect of the encrypted data. 

1 1. A portable biometric input sensor as defined in claim 1 6 wherein the means for 
encrypting the biometric data comprise public/private key encryption means. 

20 1 8. A portable biometric input sensor as defined in claim 1 6 wherein the means for 
encrypting the biometric data comprise session key encryption means. 

19. A biometric security identification system comprising: 

a portable transmitting module comprising a biometric sensing means, means for encoding 
25 biometric data and wireless transmission means for transmitting the encoded biometric data 
as an encoded signal; and 

a receiving module comprising means for receiving the encoded signal, means for extracting 
the encoded biometric data, and means for comparing the encoded biometric data with 
predetermined reference values, and means for authorizing access to a host system. 
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20. A biomemc security identification system as defined in claim 19, wherein said biometric 
sensing means comprises a fingerprint scanner. 

21 A biometric security identification system as defined in claim 19. fimher comprising 
n^eansforencrypting the biometric datafi^rthercomprisingmeans for encrypting at least an 

aspect the biometric data; the transmission means is for receiving the encrypted data and for 

transmittingasignal in dependence upon the at least an aspectofthe encrypted data; and the 

n^eans for extracting the encoded biometric data comprises means for decryptmg and for 
extracting the encoded biometric data, 

22. A biometric security identification system as defined in claim 21 wherein the means for 
encrypting the biometric data comprise public/private key encryption means. 

23. A biometric security identification system as defined in claim 21 wherein the means for 
encrypting the biometric data comprise session key encryption means. 
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24 A portable biometric input device comprising: 

sensing means including a platen upon which to «st a finger, said sensing means for sensing 
the presence and location of fingerprint ridges upon the device; 
processor means for processing sensed data; and, 

wireless transmission means for transmitting a signal that corresponds to at least an aspect of 

the sensed data; and 

a battery for providing power to the device. 
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AMENDED CLAIMS 

[received by the International Bureau on 4 February 1998 (04.02.98); 
original claims 1-24 replaced by new claims 1-18 (4 pages)] 



j . A portable biometric input device comprising: 

biometric sensing means for sensing biomeiric input infonnation, generating 
biometric dau. therefrom, and providing the biometric data in relation to tJsensed 
biometric input information; 

storage means for storing data related to said biometric data; 
processor means for characterising the biometric data: and. 

transmission mean, for receiving a. least an aspect of the coaracterised biometric data 
and for transmining a signal ,n dependence upon the at least an aspect of the 
characterised biometric data; and 
a battery for providing power to the device. 

2. A portable biomeiric input device comprising: 

btometrie sensing means for sensmg biometric input information, generaring 
h.omctnc data there ftom, and providing the biometric data in relation to tl.e sensed 
biomeiric inpui informaiiou; 

a processor for comparing the biometric data ^.ith previously stored biometric data te 
provide comparison results: and. 

iransmission means for receiving at least an aspect of the biometric data and for 
iransmnung a signal in dependence upon il« compari.v»n results. 

3. A ponabie biometric input device as defined in claim 2. further comprising means 

ioreeeiveapasswordandwheremthetransmissionmear.isfortxan.^^^^^^ 
in dependence upon at least an aspect of the biometric data and the password. 

4. A portable biometric mput device as defined in claim 2 comprising means lo 
receive apassword and wherein the processor mean, is for comparing the password 
and a previously stored password to provide further comparison result..: and wherein 
the signal in dependence upon at least an aspect of the comparison results is a .signal 



25 

AMENDED SHEET (ARTICLE 19) 



PCT/CA97/00663 

W^O 98/12670 



in dependence upon at least an aspect of xhe comparison results and of the further 
comparison results. 

5. A portable biomctric input device comprising: 
5 biomctric sensing means Ibr sensing biomctric input information, generating 

biomctric data therefrom, and providmg tlie biomcuic data in relation to the sensed 
biomctric inpui inronnation; 

means for cncrj'pune ax least m aspect the biomctric data, 

transmission means for receiving at icasi an aspect of tlie encrypwd biomctric data and 
10 foi transmrtUng a signal in dependence upon the ai least an aspect of the biomctric 
data; and 

a batt«T>' for ptovi<Ung power to trie device. 

6. A ponabic biomeuic input device as defined in ckim 5 wherein the means for 
1 5 encr>'ptins the biomeiric data comprise public/private key encryption means. 

7. A portable biomctric input device as defined in claim 5 wherein Ae means for 
encrj'pting the biometric data comprise session key encryption means. 

20 8. A portable biomctric input device as defined in claim wherein the biometric input 
means is a ftr^crprni imaging device. 

9. A portable biometric input device as defined in clahn I further comprising a 
housing in the form of a waich casement and a waich face. 

25 

10. A portable biometric input device as defined in claim 9 wherein the biometric 
input means comprises associated electronic circuitry and conductive pads disposed 
on the watch face. 

30 U . .A. portable biomctric input sensor comprising: 

a) an anay of sense elements spaced apart and comprising a sensing electrode for 
sensing biometric input; 
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b) drive means coupled to at least some of tiie sense elements for controaing and 
addi«sing each of the at leasi some sense elements according to a predetermined 
sequence for receiving a signal in dependence upon the biometric input, and for 
providing biometric data in dependence upon the sensed biometric input; 

(c) processor means for processing biometric data; and, 

(d) Nviieless transmission means for transmitting to a receiver a signal tl^at corresponds 
to at least an aspect of the biomcttic data. 

12. A portable biometric input sensor as defined in claim 1 1, further comt^rising 
means for .ncrvpting the biometric data father comprising means for encrypting at 
least an aspect the biometric data; and the transmission means is for T«cei^^ng the 
encr>pied data and for uansmitting a signal in dependence upon the at least an aspect 
of the encn'pied data. 

13 . A portable biometric input sensor as defined in claim 12 wherein the means for 
encrypting the biometric data comprise public'private key encryption means. 

14. A poruible biometric input sensor as defined in claim 1 2 wherein the means for 
«ncwpting the biometric data comprise session key enciypdon means. 

15. A biometric security identification system comprising: 

a portable transmitting module comprising a biometric scnsmg, means fox sensing 
biometric data, means for en«>.pting at least an aspect the biometric data, means for 
encoding the encrypted biometric data, and ^^■irdess transmission means for 
transmitting the encoded encrypted biometric data as an encoded signal; and 
a receiving module comprising n.eans for recei^^ the encoded signal, means for 
extracting the encoded biometric data, mean.s Tor decrypung the decoded biometric 
data, means for comparing tlie biomctr.c data w^th predetemtincd reference val«.s, 
and means for authorizing access to a host system. 

1 6. A biometric security- identification system as defined in claim 1 5. wherein said 
biometnc sensing means comprises a fingerprint scanner. 
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1 7 A biomciric security identification system as defined in claim 1 5 xvtiorcin the 
means for cncrypMn the biometric data comprise publia'private key encryption 

means. 

18. A biometric sccurit>' identification system as defined in claim I S wherein the 
means for encrypting the biometric data comprise session key cncrj-ption means. 
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